fix(ff-a): prevent mem-share/lend from SP to NS-endpoint Only FFA_MEM_DONATE_32 is permitted from SP to NS-endpoint. Signed-off-by: Maksims Svecovs <maksims.svecovs@arm.com> Change-Id: I3fe611b5c239e896af421ed430770d6c25af2096

commit: a3d570cac871520923890ec18d20c049bc9cf402 [log] [tgz]
author: Maksims Svecovs <maksims.svecovs@arm.com> Wed Dec 08 11:16:32 2021 +0000
committer: Maksims Svecovs <maksims.svecovs@arm.com> Fri Jan 14 12:47:11 2022 +0000
tree: d39ebf90dc0ddd30aa4c26bbbbf7be4e4382ada4
parent: 1abb334f2df9d669c4aa3660273106035fa86bf9 [diff] [blame]
diff --git a/src/api.c b/src/api.c
index a507e34..ac3a741 100644
--- a/src/api.c
+++ b/src/api.c

@@ -2432,6 +2432,11 @@
 		goto out;
 	}
 
+	if (!plat_ffa_is_memory_send_valid(to->id, share_func)) {
+		ret = ffa_error(FFA_DENIED);
+		goto out;
+	}
+
 	if (to->id == HF_TEE_VM_ID) {
 		/*
 		 * The 'to' VM lock is only needed in the case that it is the
commit	a3d570cac871520923890ec18d20c049bc9cf402	[log] [tgz]
author	Maksims Svecovs <maksims.svecovs@arm.com>	Wed Dec 08 11:16:32 2021 +0000
committer	Maksims Svecovs <maksims.svecovs@arm.com>	Fri Jan 14 12:47:11 2022 +0000
tree	d39ebf90dc0ddd30aa4c26bbbbf7be4e4382ada4
parent	1abb334f2df9d669c4aa3660273106035fa86bf9 [diff] [blame]